OPNsense 24.1.3 released
This update fixes minor issues in the software and adds a CSV import/export to the Kea DHCP reservations to make bulk edits much easier. It also fixes defaults in Suricata 7 that would negatively impact the IPS mode usage and updates the curl package to its current latest version. Here are the full patch notes:
- system: prevent gateway removal when it is currently bound to an interface
- system: fix assorted PHP deprecation warnings
- firewall: add optional advanced property “State policy” to influence state creation on a per rule base
- firewall: fix floating rule display (contributed by lin-xianming)
- firewall: fix display of ICMP tooltip (contributed by lin-xianming)
- firmware: fix missing space in audit message
- kea-dhcp: add import/export as CSV on reservations
- intrusion detection: set exception-policy and app-layer.error-policy to their advertised defaults
- unbound: make atomic copies of root.hints file to hopefully appease Unbound startup problems
- unbound: fix missing /lib nullfs mount in chroot
- unbound: add aggressive-nsec option toggle (contributed by kulikov-a)
- wireguard: remove duplicate “pubkey” field, remove required tag and validate on Base64 in model
- wireguard: address assorted interface configuration inconsistencies during configuration
- mvc: fix model cloning when array items contain nested containers
- ui: fix epoch support as number in bootgrid
- ui: replace all > and < occurrences in treeview (contributed by lin-xianming)
- wizard: reorder storage sequence to fix hostname/domain change bug
- plugins: os-theme-cicada 1.35 (contributed by Team Rebellion)
- plugins: os-theme-rebellion 1.8.10 (contributed by Team Rebellion)
- ports: curl 8.6.0
- ports: dnspython 2.6.1
- ports: expat 2.6.0
- ports: libpfctl 0.9
- ports: libxml 2.11.7
- ports: lighttpd 1.4.74
- ports: pcre2 10.43
- ports: php 8.2.16